diff --git a/usr.sbin/chroot/chroot.c b/usr.sbin/chroot/chroot.c index bb87ae6f0503..b14e1cbf4597 100644 --- a/usr.sbin/chroot/chroot.c +++ b/usr.sbin/chroot/chroot.c @@ -1,198 +1,198 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1988, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1988, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint static char sccsid[] = "@(#)chroot.c 8.1 (Berkeley) 6/9/93"; #endif /* not lint */ #endif #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include #include #include static void usage(void); int main(int argc, char *argv[]) { struct group *gp; struct passwd *pw; char *endp, *p, *user, *group, *grouplist; const char *shell; gid_t gid, *gidlist; uid_t uid; int arg, ch, error, gids; long ngroups_max; - bool nonpriviledged; + bool nonprivileged; gid = 0; uid = 0; user = group = grouplist = NULL; - nonpriviledged = false; + nonprivileged = false; while ((ch = getopt(argc, argv, "G:g:u:n")) != -1) { switch(ch) { case 'u': user = optarg; if (*user == '\0') usage(); break; case 'g': group = optarg; if (*group == '\0') usage(); break; case 'G': grouplist = optarg; if (*grouplist == '\0') usage(); break; case 'n': - nonpriviledged = true; + nonprivileged = true; break; case '?': default: usage(); } } argc -= optind; argv += optind; if (argc < 1) usage(); if (group != NULL) { if (isdigit((unsigned char)*group)) { gid = (gid_t)strtoul(group, &endp, 0); if (*endp != '\0') goto getgroup; } else { getgroup: if ((gp = getgrnam(group)) != NULL) gid = gp->gr_gid; else errx(1, "no such group `%s'", group); } } ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; if ((gidlist = malloc(sizeof(gid_t) * ngroups_max)) == NULL) err(1, "malloc"); for (gids = 0; (p = strsep(&grouplist, ",")) != NULL && gids < ngroups_max; ) { if (*p == '\0') continue; if (isdigit((unsigned char)*p)) { gidlist[gids] = (gid_t)strtoul(p, &endp, 0); if (*endp != '\0') goto getglist; } else { getglist: if ((gp = getgrnam(p)) != NULL) gidlist[gids] = gp->gr_gid; else errx(1, "no such group `%s'", p); } gids++; } if (p != NULL && gids == ngroups_max) errx(1, "too many supplementary groups provided"); if (user != NULL) { if (isdigit((unsigned char)*user)) { uid = (uid_t)strtoul(user, &endp, 0); if (*endp != '\0') goto getuser; } else { getuser: if ((pw = getpwnam(user)) != NULL) uid = pw->pw_uid; else errx(1, "no such user `%s'", user); } } - if (nonpriviledged) { + if (nonprivileged) { arg = PROC_NO_NEW_PRIVS_ENABLE; error = procctl(P_PID, getpid(), PROC_NO_NEW_PRIVS_CTL, &arg); if (error != 0) err(1, "procctl"); } if (chdir(argv[0]) == -1 || chroot(".") == -1) err(1, "%s", argv[0]); if (gids && setgroups(gids, gidlist) == -1) err(1, "setgroups"); if (group && setgid(gid) == -1) err(1, "setgid"); if (user && setuid(uid) == -1) err(1, "setuid"); if (argv[1]) { execvp(argv[1], &argv[1]); err(1, "%s", argv[1]); } if (!(shell = getenv("SHELL"))) shell = _PATH_BSHELL; execlp(shell, shell, "-i", (char *)NULL); err(1, "%s", shell); /* NOTREACHED */ } static void usage(void) { (void)fprintf(stderr, "usage: chroot [-g group] [-G group,group,...] " - "[-u user] [-n ] newroot [command]\n"); + "[-u user] [-n] newroot [command]\n"); exit(1); }